Engineers working to the ISO 26262 automotive functional safety standard want many things of the software tools they use. Among the most important are confidence in those tools’ suitability and help in meeting the standard’s heavy reporting requirements.
With that in mind, vendor Mentor Graphics launched its Mentor Safe program earlier this year. Its cornerstone is an ability to provide documents on qualification that identify various tools’ suitability for the task in hand, accompanied by reports appropriate to them. These can be folded into the wider ISO 26262 documentation process.
“We established the Mentor Safe program to help our customers rapidly navigate the increasingly complex process of functional safety certification with confidence, allowing them to spend more time creating value-added solutions that help to differentiate and win in highly competitive markets,” said Brian Derrick, Mentor vice president and general manager.
How Mentor Safe works
The Mentor Safe program, administered through the Mentor Automotive division, runs the gamut of the company’s tools from system design to embedded software (Figure 1).
The reports define how tools can be used in various use cases, with particular reference to how safety-critical these may be. ISO 26262 defines four ‘automotive safety integrity levels’ or ‘ASILs’, rising in criticality from ‘1’ to ‘4’, ‘4’ being the highest. The reports are then tailored for use in the context of Section 11, Part 8 of the standard, ‘Supporting Processes’ (Figure 2).
How does Mentor do this to the satisfaction of the user?
Following the launch of Mentor Safe, the company is releasing a wide range of supporting material. The company has updated the landing page for the program and also produced a useful 26-minute video. The video explains both the process framework for ISO 26262 and how the program fits within that.
The reports are delivered under non-disclosure agreements. However, we can look at some of the metrics and analysis involved in creating them. The main components are shown in Figure 3.
The resulting report is delivered as an eight-part document (Figure 4).
Depending on the safety-criticality (and also on the user’s design flow), Mentor offers the reports at three levels. The most basic is a ‘Software Tool Qualification Report’. Next up is a ‘Mentor Safe Assessment’, where the company itself provides further customized detail based on the user’s needs. The final level is ‘Third Party Certification’, where the assessment is undertaken by an independent analyst.
The video also shows how this process will work, with further examples based on the company’s Tessent TestKompress data compression tool and its ReqTracer requirements tracking tool for ASICs and FPGAs.